Re: FREAK Security Alert

From: Loganaden Velvindron <loganaden_at_gmail.com>
Date: Mon, 9 Mar 2015 17:08:46 +0000

On Mon, Mar 9, 2015 at 3:44 PM, S Moonesamy <sm+mu_at_elandsys.com> wrote:
> Hi Ish,
> At 06:43 09-03-2015, Ish Sookun wrote:
>>
>> The main highlight of this vulnerability is the use of weak ciphers.
>
>
> Yes.
>
>> I'm planning to write a blog post with a possible attack scenario; if
>> somebody would like to contribute with ideas or a mini interview, that would
>> be awesome.
>
>
> The attack would be to intercept the encrypted connection (HTTPS), trigger
> the bug, and factor the 512-bit RSA modulus. You can then inject data into
> that encrypted connection without the user detecting that it has been done.
> The user will believe that what he or she is seeing comes from the (HTTPS)
> web site.

It's complicated by the existence of intermediate devices like proxy
filters, or even QoS devices that attempt to analyse the traffic at
layer 7. They may downgrade the connection (unintentionally or
intentionally).

One of the major weaknesses of SSL/TLS is MiTM attacks.


>
> Regards,
> S. Moonesamy
>



-- 
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.
Received on Mon Mar 09 2015 - 17:09:00 PST
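
The downgrade discussed in this thread leaves traces in the handshake as the client sees it. The check below is an added example, not part of the original messages; it goes slightly beyond the thread by naming the RFC 2246 export suites, and the Handshake record, audit() function and sample data are hypothetical and constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

# RSA export-grade suites from RFC 2246, keyed by IANA code point.
RSA_EXPORT = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
# A few non-export RSA key-transport suites (enough for the sample data).
PLAIN_RSA = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}

@dataclass
class Handshake:  # hypothetical record, as a TLS parser might emit it
    offered: List[int]                  # suites the client put in ClientHello
    selected: int                       # suite the client saw in ServerHello
    ske_rsa_bits: Optional[int] = None  # temporary RSA key size in ServerKeyExchange, None if absent

def audit(hs: Handshake) -> List[str]:
    """Return findings that point to an export-RSA downgrade."""
    findings = []
    if hs.selected not in hs.offered:
        findings.append("selected suite was never offered by the client")
    if hs.selected in RSA_EXPORT:
        findings.append("export-grade suite negotiated: " + RSA_EXPORT[hs.selected])
    # RFC 5246 does not allow ServerKeyExchange with plain RSA key exchange,
    # so a temporary RSA key here should never be accepted.
    if hs.selected in PLAIN_RSA and hs.ske_rsa_bits is not None:
        findings.append("unexpected %d-bit temporary RSA key with %s"
                        % (hs.ske_rsa_bits, PLAIN_RSA[hs.selected]))
    return findings

# Constructed sample handshakes, as seen from the client side.
SAMPLES = {
    "clean": Handshake([0x002F, 0x0035], 0x002F),
    "temp-key": Handshake([0x002F, 0x0035], 0x002F, ske_rsa_bits=512),
    "export": Handshake([0x002F, 0x0003], 0x0003, ske_rsa_bits=512),
}

if __name__ == "__main__":
    for name, hs in SAMPLES.items():
        print(name, audit(hs) or "ok")
```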
